Re: [Full-Disclosure] Norton AntiVirus nested file manual scan bypass.....

2004-04-21 Thread Esteban Martínez Fayó
- Original Message - From: "natch" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Monday, April 19, 2004 1:49 PM Subject: Re: [Full-Disclosure] Norton AntiVirus nested file manual scan bypass. > Nice, but the faster method is to copy \winnt\system32\cmd.exe to > \winnt\winhlp32.e

[Full-Disclosure] TCP/BGP vulnerability

2004-04-21 Thread Nigel Clarke
There are a number of packet generation tools that can be used for "new" TCP/BGP vulnerability. I know of one that will actually make your IP/TCP/BGP headers for you. These tools have been around for a few years now. Why the sudden reaction? Any security person with an ISP background should h

[Full-Disclosure] pisg XSS

2004-04-21 Thread shr3kst3r
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 pisg XSS: pisg is an IRC channel statistics generator written in Perl, it creates statistics from differe

[Full-Disclosure] RE: ZA Security Hole

2004-04-21 Thread Zone Labs Product Security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Zone Labs is aware of a recent report of an issue with the ZoneAlarm Pro inbound mail protection feature. This report is currently being investigated. Zone Labs will issue a formal response at the earliest opportunity. Zone Labs takes the securi

[Full-Disclosure] SGI Advanced Linux Environment security update #18

2004-04-21 Thread SGI Security Coordinator
-BEGIN PGP SIGNED MESSAGE- SGI Security Advisory Title : SGI Advanced Linux Environment security update #18 Number: 20040404-01-U Date : April 21, 2004 Reference :

[Full-Disclosure] MDKSA-2004:031-1 - Updated utempter packages fix several vulnerabilities

2004-04-21 Thread Mandrake Linux Security Team
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandrakelinux Security Update Advisory ___ Package name: utempter Advisory ID:

[Full-Disclosure] MDKSA-2004:036 - Updated xchat packages fix remote vulnerability

2004-04-21 Thread Mandrake Linux Security Team
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 ___ Mandrakelinux Security Update Advisory ___ Package name: xchat Advisory ID:

Re: [Full-Disclosure] Core Internet Vulnerable - IETF Draft Fix for RFC793

2004-04-21 Thread Brian Anderson
Actually, the letter will probably have the date for the shutdown, and state that all PC's must have a TCP upgrade or they will be unable to connect to the updated protocol. Call your vendor for updates. ;) Feher Tamas wrote: Hello, I wonder if some foul will initiate a chain letter that clai

[Full-Disclosure] [waraxe-2004-SA#022 - Multiple vulnerabilities in PostNuke 0.726 Phoenix - part 2]

2004-04-21 Thread Janek Vind
[waraxe-2004-SA#022]

[Full-Disclosure] [waraxe-2004-SA#021 - Multiple vulnerabilities in phprofession 2.5 module for PostNuke]

2004-04-21 Thread Janek Vind
[waraxe-2004-SA#021]

[Full-Disclosure] Vulnerabilities in long-lived TCP connections on SGI systems

2004-04-21 Thread SGI Security Coordinator
-BEGIN PGP SIGNED MESSAGE- __ SGI Security Advisory Title : Vulnerabilities in long-lived TCP connections Number: 20040403-01-A Date : April 21, 2004 Reference : NIS

[Full-Disclosure] NetBSD Security Advisory 2004-005: Denial of service vulnerabilities in OpenSSL

2004-04-21 Thread NetBSD Security-Officer
-BEGIN PGP SIGNED MESSAGE- NetBSD Security Advisory 2004-005 = Topic: Denial of service vulnerabilities in OpenSSL Version:NetBSD-current: source prior to March 22, 2004 NetBSD 2.0: b

[Full-Disclosure] NetBSD Security Advisory 2004-006: TCP protocol and implementation vulnerability

2004-04-21 Thread NetBSD Security-Officer
-BEGIN PGP SIGNED MESSAGE- NetBSD Security Advisory 2004-006 = Topic: TCP protocol and implementation vulnerability Version:NetBSD-current: source prior to April 22, 2004 NetBSD 2.0:

[Full-Disclosure] EEYE: Yahoo! Mail Account Filter Overflow Hijack

2004-04-21 Thread Drew Copley
"Yahoo! Mail" Account Filter Overflow Hijack Release Date: April 19, 2004 Date Reported: March 10, 2004 Severity: High Vendor: Yahoo! Description: "Yahoo! Mail" is one of the Internet's most popular web based email solutions. They provide free email and large capacity storage, as well as sub

[Full-Disclosure] [RHSA-2004:166-01] Updated kernel packages resolve security vulnerabilities

2004-04-21 Thread bugzilla
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - - Red Hat Security Advisory Synopsis: Updated kernel packages resolve security vulnerabilities Advisory ID: RHSA-2004:166-01 Issue date:200

Re: [Full-Disclosure] .hash=

2004-04-21 Thread Joris De Donder
> can someone tell me what this attack is trying to accomplish: > 212.56.240.47 - - [20/Apr/2004:14:37:07 +0200] "GET > .hash=a577b8c9de273fe7ac21276fe3dd318de6b010bc HTTP/1.1" 404 324 "-" -" > http://thum.ath.cx/Security/what.hash Looks like Fasttrack traffic (Kazaa and friends) and probably is

[Full-Disclosure] NetStumbler 0.4.0 Released (fwd)

2004-04-21 Thread chris
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 The new versions of NetStumbler and MiniStumbler have been released. They are available for download at http://www.stumbler.net Thank you Marius for your hard work on NetStumbler and MiniStumbler. Chris -BEGIN PGP SIGNATURE- Version: GnuPG v

[Full-Disclosure] TCP vulnerability details link

2004-04-21 Thread Andrew Morris
In case people are still looking for details, here is the UK story link: http://www.uniras.gov.uk/vuls/2004/236929/index.htm

Re: was [Full-Disclosure] Core Internet Vulnerable - News at 11:00 -= Your message to Full-Disclosure awaits moderator approval

2004-04-21 Thread Mortis
These guys donated some space for you whiners: http://full-disclosure.50megs.com/ And these guys could use your help: http://www.lupus.org/support/donationform.html -- Mortis ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-di

[Full-Disclosure] THCIISSLame exploit

2004-04-21 Thread johncybpk
hi, just wanna point out a small release. it's a remote root for the latest IIS 5 SSL pct bug. found by: IIS reversing work: halvar flake exploit : johnny cyberpunk http://www.thc.org/download.php?t=e&f=THCIISSLame.zip enjoy, johnny cyberpunk/thc

[Full-Disclosure] [SECURITY] [DSA 493-1] New xchat packages fix arbitrary code execution

2004-04-21 Thread debian-security-announce
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - -- Debian Security Advisory DSA 493-1 [EMAIL PROTECTED] http://www.debian.org/security/ Martin Schulze April 21st, 2004

[Full-Disclosure] .hash=

2004-04-21 Thread fd
can someone tell me what this attack is trying to accomplish: 212.56.240.47 - - [20/Apr/2004:14:37:07 +0200] "GET .hash=a577b8c9de273fe7ac21276fe3dd318de6b010bc HTTP/1.1" 404 324 "-" -" http://thum.ath.cx/Security/what.hash thanks i.t

RE: [Full-Disclosure] Core Internet Vulnerable - News at 11:00

2004-04-21 Thread Jos Osborne
>Does anyone know WTF they are trying to say in this AP article, >"Core Internet Technology Is Vulnerable," > > > >Emergency!!! >Raise shields!!! > Dump the core before it blows.

[Full-Disclosure] Core Internet Vulnerable - IETF Draft Fix for RFC793

2004-04-21 Thread Feher Tamas
Hello, I wonder if some foul will initiate a chain letter that claims the global Internet needs to be shut down to implement the software changes to BGP in order to eliminate the recently identified vulnerabilities and urges the reader to forward this important news to all Netizens he/she know

[Full-Disclosure] Reply: [Full-Disclosure] Core Internet Vulnerable - IETF Draft Fix for RFC793

2004-04-21 Thread Jie_Tang
Ha Just a joke of April 1. I never hear this before. Best Regards -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Feher Tamas Sent: April 21, 2004 16:28 To: [EMAIL PROTECTED] Subject: [Full-Disclosure] Core Internet Vulnerable - IETF Draft Fix for RFC793 Hello, I wond

Re: [Full-Disclosure] Core Internet Vulnerable - News at 11:00

2004-04-21 Thread Alexander Bochmann
...on Tue, Apr 20, 2004 at 07:03:01PM -0500, Jade E. Deane wrote: > When a BGP speaker loses a peer, said peer's routes are withdrawn. And then there's flap dampening... Alex. > On Tue, 2004-04-20 at 16:20 -0500, Alerta Redsegura wrote: > > If I recall well, a BGP speaker only sends/receives

Re: [Full-Disclosure] Passwords for Chocolate!

2004-04-21 Thread Szilveszter Adam
Jeremiah Cornelius wrote: "All because the Lady loves Milk Tray..." The BBC has an article about users giving up their passwords for chocolate. Hehehehe, I really got a kick outta this. It really goes a long way to show why you do *not* need to go very fancy with technology to eg attack strong c

[Full-Disclosure] Re: Hotmail & Passport (.NET Accounts) Vulnerability

2004-04-21 Thread anirudh bhatt
Isn't this the same vulnerability which was first reported on FD (almost a year ago..) ..and supposedly made FD "famous" (as regards being noticed by the press). > I am forwarding this as it may impact people whom > depend on MSN or > passport systems for business reasons. Contrary to > what at > le